VAR-200210-0023
Vulnerability from variot - Updated: 2025-04-03 22:27IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any flags set. A vulnerability has been discovered in IBM SecureWay Firewall for the AIX operating system. To reach a denial of service condition, 2.8Mbps of malicious requests must be sent to the vulnerable firewall. Versions prior to IBM SecureWay Firewall 4.2.2 perform additional processes before judging packets as invalid and discarding them
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200210-0023",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secureway firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.2.1"
},
{
"model": "secureway firewall",
"scope": "eq",
"trust": 1.9,
"vendor": "ibm",
"version": "4.2"
},
{
"model": "secureway firewall",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.2"
},
{
"model": "secureway firewall d",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "4.2.1"
}
],
"sources": [
{
"db": "BID",
"id": "5924"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery credited to Mauro Flores.",
"sources": [
{
"db": "BID",
"id": "5924"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
}
],
"trust": 0.9
},
"cve": "CVE-2002-1203",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-1203",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5588",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1203",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200210-309",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5588",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5588"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is invalid and dropping it, which allows remote attackers to cause a denial of service (resource exhaustion) via a flood of malformed TCP packets without any flags set. A vulnerability has been discovered in IBM SecureWay Firewall for the AIX operating system. \nTo reach a denial of service condition, 2.8Mbps of malicious requests must be sent to the vulnerable firewall. Versions prior to IBM SecureWay Firewall 4.2.2 perform additional processes before judging packets as invalid and discarding them",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1203"
},
{
"db": "BID",
"id": "5924"
},
{
"db": "VULHUB",
"id": "VHN-5588"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "5924",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-1203",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20021009 FLOOD ACK PACKETS CAUSE AN IBM SECUREWAY FIREWALL DOS",
"trust": 0.6
},
{
"db": "XF",
"id": "10249",
"trust": 0.6
},
{
"db": "SECTRACK",
"id": "1005330",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-5588",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5588"
},
{
"db": "BID",
"id": "5924"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"id": "VAR-200210-0023",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5588"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:27:22.680000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5588"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5924"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10249.php"
},
{
"trust": 1.0,
"url": "http://marc.info/?l=bugtraq\u0026m=103417988503398\u0026w=2"
},
{
"trust": 0.6,
"url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=103417988503398\u0026w=2"
},
{
"trust": 0.3,
"url": "http://www.securitytracker.com/alerts/2002/oct/1005330.html"
},
{
"trust": 0.3,
"url": "http://www-1.ibm.com/support/docview.wss?rs=0\u0026q=ir49046\u0026uid=swg185256b4f006cca2486256c31007feaca"
},
{
"trust": 0.1,
"url": "http://marc.info/?l=bugtraq\u0026amp;m=103417988503398\u0026amp;w=2"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5588"
},
{
"db": "BID",
"id": "5924"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5588"
},
{
"db": "BID",
"id": "5924"
},
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-10-28T00:00:00",
"db": "VULHUB",
"id": "VHN-5588"
},
{
"date": "2002-10-09T00:00:00",
"db": "BID",
"id": "5924"
},
{
"date": "2002-10-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"date": "2002-10-28T05:00:00",
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-5588"
},
{
"date": "2009-07-11T18:06:00",
"db": "BID",
"id": "5924"
},
{
"date": "2009-08-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200210-309"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1203"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM SecureWay Firewall Service Rejection Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200210-309"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…